2d7b6392d73177a0468d2578416596ac_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2d7b6392d73177a0468d2578416596ac_JaffaCakes118
Size

279KB
MD5

2d7b6392d73177a0468d2578416596ac
SHA1

22177a3b4511dd2f1f47e20c7b47e29ca2411fb1
SHA256

3376fb2b7de0728c672f93d39f86ff9739e55a4a0edd337a80b6ad76a0f2000f
SHA512

567ce19eba802a6f8fd8c9e98e7c1feb92b565579939a228d1f969d429c110bfb1a1649a39d7ae61ad03f13a27648bfb4cd2f2576da2aeecd3846ab8128748a8
SSDEEP

6144:/4wOicvxO1X+rHh1W+R81AFWubEAFztZDf1:7dWO1X6c+JNwARrD9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2d7b6392d73177a0468d2578416596ac_JaffaCakes118

Files

2d7b6392d73177a0468d2578416596ac_JaffaCakes118
.exe windows:4 windows x86 arch:x86

939a858a7781ebf31d6cbe363ae704fa

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetVersionExW
GetProcAddress
LoadLibraryW
GetLastError
FormatMessageA
HeapAlloc
HeapFree
LocalFree
WriteConsoleW
WideCharToMultiByte
WriteFile
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
SetUnhandledExceptionFilter
GetProcessHeap
FileTimeToSystemTime
FormatMessageW
MultiByteToWideChar
GetComputerNameA
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
QueryPerformanceCounter
RtlUnwind
DisableThreadLibraryCalls
lstrlenW
GlobalAlloc
CompareStringW
GlobalFree
FreeLibrary
FindResourceW
LoadLibraryExW
GetModuleFileNameW
GetFullPathNameW
GetFileAttributesW
LocalAlloc
GetModuleHandleA
Sleep
InterlockedExchange
InterlockedCompareExchange
GetVersion
GetCommandLineA
VirtualProtect
GetTickCount
GetModuleHandleW
GetStartupInfoA

user32

LoadStringW
LoadImageW
ReleaseDC
GetDC

advapi32

RegCloseKey
CryptSetProvParam
RegQueryValueExW
ConvertStringSidToSidA
CryptAcquireContextW

gdi32

GetDeviceCaps

rpcrt4

RpcStringFreeA
UuidFromStringA
RpcStringBindingComposeA
RpcBindingFromStringBindingA
RpcBindingSetAuthInfoExA
RpcEpResolveBinding
RpcMgmtInqStats
RpcMgmtStatsVectorFree

msvcrt

_controlfp
__set_app_type
__p__fmode
__p__commode
__setusermatherr
__getmainargs
_acmdln
_exit
strncpy
__CxxFrameHandler
_except_handler3
free
_initterm
_amsg_exit
_adjust_fdiv
_XcptFilter
atoi
strstr
memset
fprintf
_iob
_stricmp
exit
malloc
printf
strtol
getchar
_getch
strchr
wcsstr

Sections

.text
Size: 272KB - Virtual size: 272KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 254KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

939a858a7781ebf31d6cbe363ae704fa

Headers

File Characteristics

Imports

kernel32

user32

advapi32

gdi32

rpcrt4

msvcrt

Sections

.text Size: 272KB - Virtual size: 272KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 512B - Virtual size: 254KB

.rsrc Size: 2KB - Virtual size: 2KB

.text
Size: 272KB - Virtual size: 272KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 512B - Virtual size: 254KB

.rsrc
Size: 2KB - Virtual size: 2KB